CVE-2024-6717 - Vulnerability Details - OpenCVE

HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00156.

Key SSVC decision points have not yet been added.

Vendors	Products
Hashicorp	Nomad

Configuration 1 [-]

OR	cpe:2.3:a:hashicorp:nomad:::::-:::*
	cpe:2.3:a:hashicorp:nomad:::::enterprise:::*
	cpe:2.3:a:hashicorp:nomad:1.6.12::::-:::
	cpe:2.3:a:hashicorp:nomad:1.6.12::::enterprise:::
	cpe:2.3:a:hashicorp:nomad:1.8.1::::-:::
	cpe:2.3:a:hashicorp:nomad:1.8.1::::enterprise:::

No data.

No data.

References

Link	Providers
https://discuss.hashicorp.com/t/hcsec-2024-15-nomad-vulnerable-to-allocation-directory-path-escape-through-archive-unpacking/68781

History

Fri, 02 Jan 2026 20:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Hashicorp Hashicorp nomad
CPEs		cpe:2.3:a:hashicorp:nomad:::::-:::* cpe:2.3:a:hashicorp:nomad:::::enterprise:::* cpe:2.3:a:hashicorp:nomad:1.6.12::::-::: cpe:2.3:a:hashicorp:nomad:1.6.12::::enterprise::: cpe:2.3:a:hashicorp:nomad:1.8.1::::-::: cpe:2.3:a:hashicorp:nomad:1.8.1::::enterprise:::
Vendors & Products		Hashicorp Hashicorp nomad

MITRE

Status: PUBLISHED

Assigner: HashiCorp

Published: 2024-07-23T00:16:20.955Z

Updated: 2024-08-01T21:41:04.313Z

Reserved: 2024-07-12T19:14:11.820Z

Link: CVE-2024-6717

Vulnrichment

Updated: 2024-08-01T21:41:04.313Z

NVD

Status : Analyzed

Published: 2024-07-23T01:15:09.190

Modified: 2026-01-02T20:23:38.783

Link: CVE-2024-6717

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6717", "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "state": "PUBLISHED", "assignerShortName": "HashiCorp", "dateReserved": "2024-07-12T19:14:11.820Z", "datePublished": "2024-07-23T00:16:20.955Z", "dateUpdated": "2024-08-01T21:41:04.313Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "product": "Nomad", "repo": "https://github.com/hashicorp/nomad", "vendor": "HashiCorp", "versions": [{"lessThan": "1.8.2", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "product": "Nomad Enterprise", "repo": "https://github.com/hashicorp/nomad", "vendor": "HashiCorp", "versions": [{"changes": [{"at": "1.6.13", "status": "unaffected"}, {"at": "1.7.10", "status": "unaffected"}], "lessThan": "1.8.2", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2.</p><br/>"}], "value": "HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2."}], "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126: Path Traversal"}]}], "metrics": [{"cvssV3_1": {"baseScore": 7.7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-610", "description": "CWE-610: Externally Controlled Reference to a Resource in Another Sphere", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp", "dateUpdated": "2024-07-23T00:16:20.955Z"}, "references": [{"url": "https://discuss.hashicorp.com/t/hcsec-2024-15-nomad-vulnerable-to-allocation-directory-path-escape-through-archive-unpacking/68781"}], "source": {"advisory": "HCSEC-2024-15", "discovery": "INTERNAL"}, "title": "Nomad Vulnerable to Allocation Directory Path Escape Through Archive Unpacking"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-23T14:13:28.071492Z", "id": "CVE-2024-6717", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-24T18:39:26.702Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:41:04.313Z"}, "title": "CVE Program Container", "references": [{"url": "https://discuss.hashicorp.com/t/hcsec-2024-15-nomad-vulnerable-to-allocation-directory-path-escape-through-archive-unpacking/68781", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://discuss.hashicorp.com/t/hcsec-2024-15-nomad-vulnerable-to-allocation-directory-path-escape-through-archive-unpacking/68781", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:41:04.313Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-6717", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-23T14:13:28.071492Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-23T14:13:57.368Z"}}], "cna": {"title": "Nomad Vulnerable to Allocation Directory Path Escape Through Archive Unpacking", "source": {"advisory": "HCSEC-2024-15", "discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126: Path Traversal"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 7.7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/hashicorp/nomad", "vendor": "HashiCorp", "product": "Nomad", "versions": [{"status": "affected", "version": "0", "lessThan": "1.8.2", "versionType": "semver"}], "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "defaultStatus": "unaffected"}, {"repo": "https://github.com/hashicorp/nomad", "vendor": "HashiCorp", "product": "Nomad Enterprise", "versions": [{"status": "affected", "changes": [{"at": "1.6.13", "status": "unaffected"}, {"at": "1.7.10", "status": "unaffected"}], "version": "0", "lessThan": "1.8.2", "versionType": "semver"}], "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "defaultStatus": "unaffected"}], "references": [{"url": "https://discuss.hashicorp.com/t/hcsec-2024-15-nomad-vulnerable-to-allocation-directory-path-escape-through-archive-unpacking/68781"}], "descriptions": [{"lang": "en", "value": "HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2.", "supportingMedia": [{"type": "text/html", "value": "<p>HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2.</p><br/>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-610", "description": "CWE-610: Externally Controlled Reference to a Resource in Another Sphere"}]}], "providerMetadata": {"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp", "dateUpdated": "2024-07-23T00:16:20.955Z"}}}, "cveMetadata": {"cveId": "CVE-2024-6717", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:41:04.313Z", "dateReserved": "2024-07-12T19:14:11.820Z", "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "datePublished": "2024-07-23T00:16:20.955Z", "assignerShortName": "HashiCorp"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:-:*:*:*", "matchCriteriaId": "DEF3F77B-2433-4DEA-82A8-E26B206B72C1", "versionEndExcluding": "1.7.10", "versionStartIncluding": "1.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:nomad:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "BF13D4BD-3A0A-466E-88CC-7CB24A3667AB", "versionEndExcluding": "1.7.10", "versionStartIncluding": "1.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:nomad:1.6.12:*:*:*:-:*:*:*", "matchCriteriaId": "3FAAF711-B8B9-4B44-BC98-0A172070A5F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:nomad:1.6.12:*:*:*:enterprise:*:*:*", "matchCriteriaId": "E586105E-A0B8-478A-A0D8-6695250C2914", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:nomad:1.8.1:*:*:*:-:*:*:*", "matchCriteriaId": "674F4953-272D-4FC6-B475-8D9E9E655D61", "vulnerable": true}, {"criteria": "cpe:2.3:a:hashicorp:nomad:1.8.1:*:*:*:enterprise:*:*:*", "matchCriteriaId": "5D063505-2FC1-4A70-87AF-5DB24F55535F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2."}, {"lang": "es", "value": " HashiCorp Nomad y Nomad Enterprise 1.6.12 hasta 1.7.9 y 1.8.1 al desempaquetar archivos durante la migraci\u00f3n es vulnerable a que la ruta se escape del directorio de asignaci\u00f3n. Esta vulnerabilidad, CVE-2024-6717, se solucion\u00f3 en Nomad 1.6.13, 1.7.10 y 1.8.2."}], "id": "CVE-2024-6717", "lastModified": "2026-01-02T20:23:38.783", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 4.0, "source": "security@hashicorp.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-23T01:15:09.190", "references": [{"source": "security@hashicorp.com", "tags": ["Vendor Advisory"], "url": "https://discuss.hashicorp.com/t/hcsec-2024-15-nomad-vulnerable-to-allocation-directory-path-escape-through-archive-unpacking/68781"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://discuss.hashicorp.com/t/hcsec-2024-15-nomad-vulnerable-to-allocation-directory-path-escape-through-archive-unpacking/68781"}], "sourceIdentifier": "security@hashicorp.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-610"}], "source": "security@hashicorp.com", "type": "Secondary"}]}